Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Scanning Swift code doesn't work when building with Xcode 16 #2506

Open
bwhtmn opened this issue Sep 24, 2024 · 26 comments
Open

Scanning Swift code doesn't work when building with Xcode 16 #2506

bwhtmn opened this issue Sep 24, 2024 · 26 comments

Comments

@bwhtmn
Copy link

bwhtmn commented Sep 24, 2024

Running a CodeQL scan on Swift code using a manual build fails, when building with Xcode 16.0 with the following error message:

CodeQL detected code written in Swift but this run didn't build any of it, or CodeQL could not process any of it. Ensure that you have provided manual build steps (see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#about-specifying-build-steps-manually) for Swift between the 'init' and 'analyze' Actions, and check the workflow run logs (see https://docs.github.com/en/actions/monitoring-and-troubleshooting-workflows/using-workflow-run-logs). For more information, review our troubleshooting guide at https://gh.io/troubleshooting-code-scanning/no-source-code-seen-during-build .

Building with Xcode 15.4 doesn't have this issue. I've reproduced this with a basic sample app (just using the new app template from Xcode) to verify that it's not specific to our app configuration.

@smowton
Copy link
Contributor

smowton commented Sep 24, 2024

Are you able to share a link to your example repository so we can review logs etc?

@bwhtmn
Copy link
Author

bwhtmn commented Sep 24, 2024

Sure! Here's a link to my sample repo: https://github.com/bwhtmn/codeql-xcode16 You can see 3 action runs. The first one is using Xcode 15.4 and succeeds. The next two are using Xcode 16.0 and fail, with the error noted above.

@smowton
Copy link
Contributor

smowton commented Sep 25, 2024

Thanks -- we suspect this relates to Swift 6 support; we'll investigate and confirm.

@ajaysubra
Copy link

@smowton I may be facing the same issue with this repo - https://github.com/klaviyo/klaviyo-swift-sdk/

@bernhardkreminski-qm
Copy link

@smowton do you have an update?
We face the same issues by just updating the Xcode version, upgrading swift in the project was not involved.

@andersfugmann
Copy link

We are currently investigating problems related to scanning Swift code when using Xcode 16 and Swift 6.0. We cannot share any timelines on how long this will take just yet, or when support will be available. After we complete our initial investigation, we'll try to share an estimate on when support to Xcode 16 and Swift 6.0 will be available.

@bernhardkreminski-qm
Copy link

Thanks for the update.
What about Xcode 16 not using swift 6?
From my point of view this are two disjunct topics. Do you want to tackle them individually or together?
Thanks!

@drekka
Copy link

drekka commented Oct 23, 2024

Not sure if I'm getting the same results as this is the first time I've attempted to use CodeQL and I'm follow some work done by another developer.

To setup I did the following things. First I created a make.sh script in the root of the project containing:

#!/bin/sh
xcodebuild build -workspace MyProject.xcworkspace -scheme MyProject  -configuration Debug CODE_SIGN_IDENTITY="" APP_SHORTCUTS_ENABLE_FLEXIBLE_MATCHING=NO

Then I installed CodeQL CLI bundle from https://github.com/github/codeql-action/releases and ran

codeql/codeql database create ./dbs/mobile --language=swift --source-root . --overwrite --command="./make.sh"

Followed by:

codeql/codeql database analyze ./dbs/mobile --format csv --output results.csv

Which barfed with a bunch of errors about the swift code pack being missing. Which was strange as I thought it had come down with the CLI and when I looked in the codeql/ folder there was a swift folder present along with a bunch of other languages.

So I dug around the internet and eventually ran:

codeql/codeql pack download codeql/swift-queries

which seemed to install some stuff, then ran the analyze again. This time it seemed to work, however told me there was 288 unresolved AST nodes and produced an empty results.csv file.

So now I'm a bit stuck as to what to do next. Or if this is even working.

@simonmcl
Copy link

Just switched my project to Xcode 16/macos-15 and seeing failures in CodeQL too

I have a job that builds and runs unit tests, this completes fine. I have a second job that inits codeQL, builds the project, and its failing. I'm seeing issues in the console like:

Library not loaded: @rpath/libSwiftSyntax.dylib
...
Reason: tried: '/Users/runner/work/_temp/codeql_databases/working/copy-root/000001F5/Applications/Xcode_16.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/Frameworks/libSwiftSyntax.dylib' (no such file), 

Heres a link to the action result if you would like to examine: https://github.com/kukai-wallet/kukai-core-swift/actions/runs/11497720372/job/32002002011

@simonmcl
Copy link

@smowton any update on this?

@PSchmiedmayer
Copy link

We are running into the same issue regarding Swift 6 support for CodeQL; it would be amazing to see support for this to continue using it in our projects.

Are there any plans to support Swift 6 in the near future and what would be an anticipated timeline?

@weisunOW
Copy link

weisunOW commented Nov 17, 2024

@simonmcl I had the same issue, the response to my issue is that scanning with Xcode 16 is not yet supported. Please see the contributor's response here

@bernhardkreminski-qm
Copy link

Is there a timeline?

@salvatoreboemia
Copy link

same here. not work for Xcode 16.1

@bernhardkreminski-qm
Copy link

Can someone share a timeline? We need to think about alternatives.

@coadaflorin
Copy link
Contributor

Hey everyone, a quick update from the CodeQL team. We are currently testing some of the last parts we need to complete our work supporting Swift 6.0 and Xcode 16. Based on the released schedule for CodeQL we expect these changes to become available with the 2.20.0 version. Based on the current release plan, the release date for this version is after Dec 20.

@armmen
Copy link

armmen commented Dec 10, 2024

is there any updates related to this, looks like 2.20.0 has been released?

@bwhtmn
Copy link
Author

bwhtmn commented Dec 10, 2024

I re-ran the CodeQL action for my simple test project. Verified that it's using CodeQL v2.20.0, but the issue is still present. https://github.com/bwhtmn/codeql-xcode16/actions/runs/12259476467

@bernhardkreminski-qm
Copy link

@coadaflorin can you give an update please

@weisunOW
Copy link

weisunOW commented Dec 11, 2024

It looks like the runner images are still using 2.19.3. macOS-15 readme. We can wait for the next release, or we can install CodeQL CLI via homebrew for now.

Update: I had a try with v2.20.0 cli locally, I'm still seeing the same error as described in github/codeql#17819

@coadaflorin
Copy link
Contributor

Hi everyone, we had to accelerate the release of 2.20.0 to get some updates out and that meant we did not get a chance to merge in the changes that add support for Xcode 16 / Swift 6.0. We will add these in the next release which is currently estimated shortly after the new year. Thank you for your patience and feel free to tag me if you have more questions on the topic.

@ehab-al-cko
Copy link

@coadaflorin Please let us know updates. Thanks

@coadaflorin
Copy link
Contributor

Hi everyone, we just released 2.20.1 which contains the changes that should make your Swift 6 / Xcode 16 projects work. Let me know if you are still seeing issues.

@bwhtmn
Copy link
Author

bwhtmn commented Jan 10, 2025

Thanks @coadaflorin ! Looks like the CodeQL GitHub Action hasn't been updated to use 2.20.1 yet, but I was able to get a successful run using Xcode 16.2 by explicitly specifying the tools: input.

    - name: Initialize CodeQL
      uses: github/codeql-action/init@v3
      with:
        tools: https://github.com/github/codeql-action/releases/download/codeql-bundle-v2.20.1/codeql-bundle-osx64.tar.gz

@smowton
Copy link
Contributor

smowton commented Jan 10, 2025

Hint: you can use tools: latest to get the latest CodeQL ASAP (immediately upon release), rather than wait for the 1-2-day-long incremental rollout typical of a new release.

@smowton
Copy link
Contributor

smowton commented Jan 10, 2025

@bwhtmn don't forget to post a reminder for Tuesday to remove this and avoid getting stuck on 2.20.1, as by that time 2.20.1 will be fully rolled out (unless the rollout reveals a problem requiring its withdrawal, of course, though this is rare)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests